Posted on 06/14/2010 8:03:57 AM PDT by Gomez
Dell reckons Ubuntu offers more protection than Windows online as it convinces consumer PC shoppers they shouldn't be scared of Linux.
In a statement flagged here by TheVarGuy.com, Dell picked on security as one of ten reasons why people should buy PCs running Canonical's Linux rather than Microsoft's operating system.
According to Dell's site (here, and a PDF here (pdf) in case the page is moved):
6) Ubuntu is safer than Microsoft Windows: The vast majority of viruses and spyware written by hackers are not designed to target and attack Linux.
Dell does not provide further details, but continues to state anti-virus and anti-spyware software is "unwarranted" for Ubuntu while such software comes at "extra cost" for Windows.
It's a new take on the classic argument that Linux, Mac or Windows is safer than one of the others, and one that's going to inflame and inspire fanbois on both sides.
Microsoft does actually offer free anti-virus software with Windows, with Windows Defender, along with its free Security Essentials service to protect against viruses and spyware.
Also, the operating system is not the only way into a system and its applications that leave users' vulnerable - even those on Linux. Adobe Systems Flash 10 contained a zero-day security flaw that affected Linux and Mac systems in addition to Windows and could let a hacker potentially take control of a users' PC.
The vendor, which has slipped to third place in global PC shipment rankings, buttressed its security argument by trying to neutralize potential concerns people might have on opening the box containing their new PC to find it doesn't run Windows.
"Linux has been around for nearly 20 years. The software itself is not only stable and reliable, but also pervasive. Linux is used on computers of all sizes ranging from the biggest to the smallest," Dell said.
Dell added it's been shipping Ubuntu since 2007 with every PC fully tested to "ensure the best possible Internet and multimedia experience Linux has to offer".
The push for Ubuntu comes as Dell's site indicated Ubuntu 10.04, released in April, will be appearing on Dell systems this summer. In a further push Dell said boot times have been improved dramatically over Ubuntu 9.10, currently on Inspiron 15n systems, to around 30 seconds.
ping
Dell doesn’t offer much selection in their Ubuntu-preloaded systems. Looks like they’re currently offering a grand total of two systems, both laptops.
Actually, my favorite distro is "Mint". Mint is easy to install and has some great out-of-the-box software ready to run.
I still think that about 50% of the Windows users out there are still not ready for Linux though, as it has a bit of a ways to go yet. This is quite an improvement because 3 years ago I thought 90% could not possibly make the transition.
If it weren't for the the fact that my business requires asp.net and SQL server, I would probably use windows only on rare occasions.
The argument Dell is making is both true and, for most home users, immaterial. It is true that Windows has by far the most malware written for it. Microsoft has a reputation for leaving holes in the OS as they rush to market. (Windows 7 has been a pleasant exception to that rule - the vast majority of the critical security updates for Windows 7 since its release have been for IE8, not for the OS itself.) Windows also controls about 90% of the PC market, so anyone writing malware gets more bang for their buck by attacking the Windows platform.
It is immaterial because most users are still going to want a Windows PC because that is the platform they want in order to run the apps they like. Most users just want to turn on the PC and go - they don't want to learn command line utilities, or learn how to compile and install apps from source.
I like Linux, especially Ubuntu. I use a lot of Linux utilities when doing forensic exams, etc, and I even like it as a desktop OS. But I am a bit of a geek, and I enjoy the intricacies of Linux and the wide variety of open source software. But I represent the market that Linux appeals to - technically advanced users who enjoy tweaking and tuning their systems, who like to develop apps or use the advanced features of the system. Until Linux can match Windows for the type an quality of apps offered by Windows, it will not be a mainstream OS.
Sorry, but that is my professional opinion. Flame away. (Asbestos suit on.)
Of course, if it gets too popular, many of the advantages will be reduced.
Having ‘grown up’ using UNIX PWB 7 on a PDP 11/45 back in 1979, one can just imagine the frabjous joy when Linux came out. A true multi-user operating system, one where the individual (a truly hated term at Microsoft) can control his/her own security and, here’s the best part, it’s FREE!!!!
In addition:
Apache Web Server - FREE
Open Office - FREE
Firefox - FREE
Firewalls - FREE
Windows-like User Interface Option - FREE
Incredible! Just like software used to be before BillCo started charging ever increasing amounts for a seriously flawed, vulnerable Operating System.
There are a tremendous number of users out there that use their computer primarily for surfing the net, email, and a little word processing.
Ubuntu does all of those thing wonderfully.
It is all I want to have on the net. If I am going to do a lot of processing, I will probably do it off line in a dedicated computer so that I don't have to worry about compromising my security.
Keep in mind that Linux is only as secure as the user. When MS put UAC in Vista, folks were annoyed with the pop up for permission that they either disabled UAC or just blindly click to accept without understanding the risks.
With Ubuntu, anything requiring sudo access requires the password be entered, and if someone enters their password without thinking about why the popup came up in the first place, they may be setting themselves up to fail. Many malware, spyware, adware, and virus programs are written with Windows FS in mind, but I’m certain there are variants of those programs in ext3/4 or other flavors of Linux FS that could cause equal havoc. That would make most folks batty considering the Linux FS is vastly different from NTFS, and if one isn’t knowledgeable of the infected Linux FS, they might as well toss the machine out a Window.
Oh, and good luck to those woebegone users who take it to Geek Squad or some other commercial outfit to fix. The prevalence of Linux-knowledgeable admins at a company like that would be nil to non-existent. If you’re any good at NIX-based systems, there’s a bigger market in corporate America over some retail PC repair shop job.
I agree with you CA, you’re not going to get wholesale market buy-in of Linux considering the need to understand basic CLI and the initiative to search the web for issues. The Ubuntu forums are awesome, but granny and grampy aren’t going to have the initiative to do the legwork when Thunderbird blows up.
You are a part of a small minority of users. Perhaps that group will begin to grow, as web apps become more prevalent and installed apps become less important. But we have a way to go to get there.
Of course, if Linux starts to become more prominent, the amount of malware to be written for it will increase as well...
Last week I ordered a nice Core i5 system from Lenovo and I plan to install Ubuntu 10.04 on it. I am running it now in Virtual Box and I’m quite impressed with it - this is the first Linux I’ve seen that can actually compete with Windows and OS X in terms of useability and appearance. I am switching to Linux because even though Apple makes a nice OS, their corporate culture sickens me. Secrecy, closed source, and now the impending death of OS X in favor of the iOS with an App Store that will only sell Apple approved software. I dont want Steve Jobs controlling what goes on my computer, and Ubuntu 10.04 is a great alternative for home use. For business, its Windows 7 all the way, however.
I have Linux PCLinuxOS on a separate bootable HD. I primarily use WinXp as I have 100 PLUS APPS NOT READILY AVAILABLE with Linux.
I just got a Dell 15N. I'm little peeved at Dell because the Windows version was put on sale but the Linux version was not. I bought the Windows one because it was 100$ cheaper and installed Ubuntu on it, which I'm now using with Chrome.(Chrome finally has a stable Linux version!)
For anybody doing likewise the automatic dual boot option leaves a tiny half a gig of the drive for Ubuntu. I have since changed that to 60 Gigs without any problems with the Windows part.
By the way I made the above graphic with a Linux program called Gimp. One of the many FREE programs Linux offers. (I'm not worried about the Flash 10 security problem because they still don't have a 64bit version that works for Linux!)
The Alpha version of 64-bit Flash 10 works fine, now.
I'm pretty sure my house is less secure than one in any neighborhood in Detroit.
It's a good bet though that its safer...
For most of the home users I've seen, even MS Office is too advanced for their needs. They need to surf, do documents, spreadsheets for some, maybe chat or want P2P. That's all available on any platform. The differentiating question then becomes how seamlessly, elegantly and idiot-proof it all works together. Mac wins there, Windows second, Linux third.
Of course, if Linux starts to become more prominent, the amount of malware to be written for it will increase as well...
That's what they said about the Mac. Under OS 9 and previous there were over 100 pieces of malware active in the wild, infecting computers. With the much larger installed base of OS X, we're still waiting. What's the difference? The old OS architecture was swiss cheese security-wise.
OOps, I meant to address that to the OP. Sorry for clogging your ping list.
I'm running Ubuntu 10 under VMWare Fusion on a Mac, so I get a direct comparison of the usability of the two. Linux still has quite a ways to go to get up to Mac UI standards. Given that Canonical recently started a concerted effort to make the UI better and more cohesive, and seeing what affect that had on 10, they might actually get close with the next version.
I use a wrapper on 64bit machines to run 32bit Flash. While I don't use Ubuntu very often (generally I run Fedora), I believe that from looking around the web that the relevant Ubuntu package is flashplugin-nonfree. (There's a webpage here that mentions this solution.)
The installed base of Macs is still less than 5% of the PC market - it is still not a big enough target for most malware writers. Remember, the malware writer of today is not a college kid looking to make a name for himself. It is someone looking to steal information that will allow them to steal your money or your identity. They are business people, and will spend their time on what will give them the greatest return. Would you spend time on a "product" that would give you access to only 5% of the market, or one that would give you access to 90% of the market?
LOL!
The installed base is about 50 million. SQL Slammer infected around 75,000-100,000 hosts, estimated to be 90% of the vulnerable population. Witty infected 12,000 hosts, about 100% of the vulnerable population. Both did their job in under an hour. It can be, and is, done.
Would you spend time on a "product" that would give you access to only 5% of the market, or one that would give you access to 90% of the market?
Do you want to hit a saturated market with 90%, or a virgin market with 5%? As a kicker, most of that market is not running with extra protection. Also, the average user in that market is more affluent than a user in the other market, making money and identity theft even more lucrative.
As a money-making hacker, why would you ignore 50 million supposedly easy targets?
As a fame-seeking hacker, why would you not want to be the first one to create a successful OS X worm or virus?
There is obviously a learning curve, and Linux is definitely not as consumer friendly as Mac (or MSFT I imagine) but I'm very happy with it and I think he has come to like it.
And I paid $349 new for it which is over $2,000 less than what my MacBook Pro cost -- granted the screen size is 15 inch vs 17 inch for my Mac.
If you have the money go for the Mac. If you don't, you probably would be pleasantly surprised by the Linux.
Linux Mint is about as close to a Windows UI as you’ll find.
ping
That's a good thing?? :-)
Actually, Gnome isn't all that great but I'm going to keep life as simple as possible and stick to the Ubuntu upgrade cycle.
For Mom and Pop, it is.
Good point.
Is rather flashy.
You are making my case for me. Slammer and Witty were destructive types of malware, designed to make a big splash. And even with over a billion Windows machines worldwide (as of 2008), both of those pieces of malware only affected a small subset, but they made a lot of noise. Today's malware writers don't want to make noise, they want to make money.
Do you want to hit a saturated market with 90%, or a virgin market with 5%? As a kicker, most of that market is not running with extra protection. Also, the average user in that market is more affluent than a user in the other market, making money and identity theft even more lucrative.
Cyber criminals deal in a volume business. They may only get about a 0.05% return (in other word, out of 2000 systems attacked, they may get the information they want from one of them). That 50 million systems is but a drop in the bucket. Plus, the method for distributing such malware makes it extremely difficult to target a specific OS. If you are sending an infected e-mail as a vector, you generally don't have a list of just Mac users to target. They will blanket a huge list of e-mail addresses, and since 90% of the recipients will be on Windows, that is the market they will target to get the greatest return.
Yeah but its "temporarily" been taken offline by Adobe:
We have temporarily closed the Labs program of Flash Player 10 for 64-bit Linux, as we are making significant architectural changes to the 64-bit Linux Flash Player and additional security enhancements. We are fully committed to bringing native 64-bit Flash Player for the desktop by providing native support for Windows, Macintosh, and Linux 64-bit platforms in an upcoming major release of Flash Player. We intend to provide more regular update information on our progress as we continue our work on 64-bit versions of Flash Player. Thank you for your continued help and support. Stay tuned to the Flash Player discussion forum for further announcements.
Which is a shame, it worked beautifully on my system.
Destructive or not, the point is that the installed base of OS X is far larger than need be in order to be attacked, both for reasons of will (the desire of the attackers to target the software product) and technical (enough machines to create a 'critical mass' for fast replication).
They will blanket a huge list of e-mail addresses, and since 90% of the recipients will be on Windows, that is the market they will target to get the greatest return.
Given that the expenditure is about nothing to perform these mailings through their spam bot farms (Windows, BTW), it would be unreasonable to not also send emails that are also effective against Macs. Who purposely rejects an affluent, unprotected 50 million targets when no extra cost would be incurred in the distribution to those targets?
Of course, the reason is simple, and I alluded to it above: "effective against Macs." Nobody's come up with one yet that can survive in the wild despite many attempts.
Or let's turn the Macs into spam bots! They're unprotected, right? Getting even 1% means a 500,000 strong bot farm, a rather large farm even in the Windows world. And I've already shown how fast small vulnerable populations can be taken over by self-spreading malware. Nope, no farm in existence yet.
True, but those same 50% would be equally out of luck if the had to install Windows to a bare system. That's not considered a fault of Windows, yet its a significant hurdle to users trying Linux.
Then there is the hurdle of moving from the OS that came on their computer and they've learned to one that does things differently. Brand new computer users will accept a learning curve and all kinds of confusion when they start out because they recognize that they are new users. But you're only going to get that kind of open-mindedness out of a person once. After that they resent any equivalent learning curve as proof that what they're used to is superior to all others.
Forgot this. You are looking at it the wrong way. These malware did not have a target population of one billion Windows computers. SQL Slammer had a target population of around 100,000 or so SQL and MSDE systems, and Witty targeted a population of 12,000 BlackICE systems. In each case they infected almost all of their targeted systems.
Before Witty, people weren't even sure if a worm could replicate among 12,000 machines in the wild of the Internet with almost a billion machines. Could the copies of the worm find other vulnerable systems in enough quantity to hit a critical mass? Turns out they could, and faster than anyone thought, with the 12,000 target systems infected in only half an hour.
I'm confident that Windows 7 reaching market penetration parity with XP yet having a drastically lower base of malware in the wild than XP will finally put the lie to the notion that OS market share trumps OS design in security.
I wonder if the ardent advocates of the market-share position will remember their arguments then...
You're missing the point. Yes, these worms only targeted a specific subset of systems with a particular vulnerability, and did so quite efficiently. However, the purpose was to wreak havoc and make a splash - not to make money. These did not make money for the culprits, nor were they intended for such purposes.
If the goal is to make money, you focus your R&D on the market that will give you the greatest return for your investment (ROI). Due to the size of the potential market, that makes the Windows platform the most attractive target.
Maybe a worm or other malware could be designed to affect the Mac, maybe not - the truth is that in this environment, most cyber criminals are not going to make the effort because the potential return is so small. Sorry if that offends you in some way. If I were you, I'd be happy to be ignored by the crooks, not standing up shouting "why doesn't somebody attack me too?"
Agreed, it is IMO the best distro available to those who want an easy to install software, without a learning curve, and tons of software installed.
I like Ubuntu, but Mint is better and far easier for the average user to switch without a lot of problems.
You keep bringing up this irrelevant difference. The question: Is Mac big enough to target? Answer: Yes, smaller populations have been targeted. Whether it's for damage or money, they're both looking for effect. They take the time to develop malware for those products.
Maybe a worm or other malware could be designed to affect the Mac, maybe not - the truth is that in this environment, most cyber criminals are not going to make the effort because the potential return is so small.
Explain the malware for OS 9, and why it suddenly cut off for OS X and never grew to pre-OS X levels again despite a larger installed base. Yes, there is still damaging malware out there. There was no cutoff date where suddenly people stopped writing damaging malware. Even then, OS X was out long before your supposed cutoff. There were millions of OS X machines out there when someone was developing Witty to target only 12,000 machines.
Even for the money, I still don't see how a criminal could ignore 50 million lucrative targets when attacking them wouldn't cost any more. If they had effective Mac malware it would take no effort or money to target that rich environment.
But I'm sure one could be designed. No system is perfect.
If I were you, I'd be happy to be ignored by the crooks, not standing up shouting "why doesn't somebody attack me too?"
That is a dangerous thing to do. The basic fact people don't want to admit is that Jobs chose a very secure OS architecture, BSD. Allowing that little bit of credit to Apple would hurt too much for some.
That will be conveniently forgotten.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.